Controlling Access to a VTY via SSH to a specific IP helps improve security to your Cisco Switches or Routers.
You can control who can access the virtual terminal lines (vtys) to a router or Cisco Switch by applying an access list to inbound vtys.
Switch(config)#access-list 1 remark “Restrict SSH Access”
Switch(config)#access-list 1 permit host 10.11.1.15 log
Switch(config)# line vty 0 4
Switch(config-line)#access-class 1 in
Switch(config-line)#end
Switch#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…
[OK]
Switch#
Perform the above steps when you want to control access to a vty coming into the Cisco router or Cisco Switch by using an access list.
Warning:
I am not responsible for any damage to your Cisco Catalyst Switch. If you point the finger at me for messing up your Cisco Catalyst Switch, I will definitely laugh at you.